Using Elastic Network Interfaces with Your VPC

An elastic network interface (ENI) is a virtual network interface that can include the
following attributes:

a primary private IP address

one or more secondary private IP addresses

one Elastic IP address per private IP address

one public IP address, which can be auto-assigned to the network interface for eth0 when
you launch an instance, but only when you create a network interface for eth0 instead of
using an existing network interface

one or more security groups

a MAC address

a source/destination check flag

a description

You can create an ENI, attach it to an instance, detach it from an instance,
and attach it to another instance. An ENI's attributes follow the ENI as it is attached or
detached from an instance and reattached to another instance. When you move an ENI from
one instance to another, network traffic is redirected to the new instance.

Each instance in your VPC has a default elastic network interface (the primary network
interface) that is assigned a private IP address from the IP address range of your VPC. You
cannot detach a primary network interface from an instance. You can create and attach an
additional elastic network interface to any instance in your VPC. The number of ENIs you can
attach varies by instance type. For more information, see Private IP Addresses Per ENI Per Instance
Type in the Amazon EC2 User Guide for Linux Instances.

Attaching multiple ENIs to an instance is useful when you want to:

Create a management network.

Use network and security appliances in your VPC.

Create dual-homed instances with workloads/roles on distinct subnets.

Create a low-budget, high-availability solution.

For more information about ENIs, and step-by-step instructions for working with them using
the Amazon EC2 console, see Elastic Network
Interfaces in the Amazon EC2 User Guide for Linux Instances.